Microsoft Windows Security Essentials
Introduction
Who Should Read This Book
What You Will Learn
Prerequisites
What You Need
What Is Covered in This Book
Chapter 1: Understanding Core Security Principles
Understanding Risk
Exploring the Security Triad
Protecting Against Loss of Confidentiality
Protecting Against Loss of Availability
Protecting Against Loss of Integrity
Implementing a Defense-in-Depth Security Strategy
Enforcing the Principle of Least Privilege
Hardening a Server
Reducing the Attack Surface
Keeping a System Updated
Enabling the Firewall
Installing Antivirus Software
Chapter 2: Understanding Malware and Social Engineering
Comparing Malware
Viruses
Worms
Trojan Horses
Buffer-Overflow Attacks
Spyware
Understanding the Threat
Protecting Against Malware
Using Antivirus Software
Using Microsoft Security Essentials on Desktops
Thwarting Social-Engineering Attacks
Social Engineering in Person
Social Engineering with a Phone Call
Recognizing Phishing Attempts
Recognizing Pharming
Protecting Email
Chapter 3: Understanding User Authentication
Comparing the Three Factors of Authentication
Using Passwords for Authentication
Comparing Password Attack Methods
Creating Strong Passwords
Enforcing Strong Passwords
Exploring Account Lockout Policies
Unlocking an Account
Resetting a Password
Changing a Password
Creating a Password-Reset Disk
Using Smart Cards and Token Devices for Authentication
Using Biometrics for Authentication
Starting Applications with Run As Administrator
Preventing Time Skew with Kerberos
Identifying RADIUS Capabilities
Identifying Unsecure Authentication Protocols
LM
NTLM (NTLMv1)
Chapter 4: Securing Access with Permissions
Comparing NTFS Permissions
Identifying Basic NTFS Permissions
Identifying Advanced NTFS Permissions
Combining Permissions
Enabling and Disabling Permission Inheritance
Moving and Copying Files
Comparing NTFS and FAT
Exploring Share Permissions
Identifying Share Permissions
Combining NTFS and Share Permissions
Identifying Active Directory Permissions
Viewing Active Directory Users and Computers
Comparing NTFS and Active Directory Permissions
Viewing Active Directory Permissions
Assigning Registry Permissions
Chapter 5: Using Audit Policies and Network Auditing
Exploring Audit Policies
Exploring Object Access Auditing
Comparing Account Logon and Logon Events
Exploring Directory Service Access Auditing
Understanding Account Management Auditing
Understanding System Events Auditing
Understanding Privilege Use Auditing
Understanding Policy Change Auditing
Understanding Process Tracking
Enabling Auditing
Enabling Object Access Auditing
Enabling Directory Service Access Auditing
Viewing Audit Information
Managing Security Logs
Saving Audit Information
Securing Audit Information
Auditing a Network with MBSA
Installing MBSA
Running MBSA
Chapter 6: Protecting Clients and Servers
Understanding User Account Control
Understanding the Dimmed Desktop
Modifying User Account Control
Keeping Systems Updated
Updating Systems with Automatic Updates
Updating Systems with WSUS or SCCM
Using Group Policy to Configure Clients
Protecting Clients
Understanding Offline Folders
Encrypting Offline Folders
Using Software-Restriction Policies
Protecting Servers
Using Separate VLANs
Separating Services
Using Read-Only Domain Controllers
Exploring DNS Security Issues
Protecting Against Email Spoofing with SPF Records
Understanding Dynamic Updates
Using Secure Dynamic Updates
Chapter 7: Protecting a Network
Identifying Common Attack Methods
Denial of Service
Distributed Denial of Service
Sniffing Attack
Spoofing Attack
Port Scan
Exploring Firewalls
Comparing Hardware-Based and Software-Based Firewalls
Comparing UTMs and SCMs
Isolating Servers on Perimeter Networks
Using Honeypots
Isolating a Network with NAT
Exploring Network Access Protection
Understanding NAP Components
Evaluating Client Health with VPN Enforcement
Using Other NAP Enforcement Methods
Identifying NAP Requirements
Identifying Protocol Security Methods
IPsec
Comparing Tunneling Protocols
DNSSEC
Chapter 8: Understanding Wireless Security
Comparing Wireless Devices
Wireless Adapters
Wireless Access Points
Wireless Routers
Comparing Wireless Security Methods
Understanding Encryption Keys
Wired Equivalent Privacy
Wi-Fi Protected Access
Wi-Fi Protected Access Version 2
Extended Authentication Protocol
Viewing Windows 7 Wireless Settings
Configuring Wireless Routers
Changing the Default Administrator Password
Changing the SSID
To Broadcast or Not to Broadcast
Using MAC Filters
Configuring Windows 7 for Wireless
Chapter 9: Understanding Physical Security
Comparing Site Security and Computer Security
Understanding the Importance of Physical Security
Controlling Physical Access
Using Switches Instead of Hubs
Using Group Policy to Enhance Computer Security
Understanding Default GPOs
Designing OUs and GPOs to Manage Users and Computers
Creating OUs in a Domain
Moving Objects into an OU
Creating GPOs to Manage Users and Computers
Understanding Security Settings in a GPO
Disabling Log On Locally with Group Policy
Controlling Removable Storage Access with Group Policy